Please enable javascript to view this page in its intended format.

Queen's University
 

Phishing Samples

 

Note: The samples shown below are not intended as a definitive list of phishing emails in circulation at Queen's.

 

Sample 1

 

This first email is an example of "spear phishing," or an email that is targeted to a specific group of people. This message, falsely attributed to Chancellor David Dodge, was circulated to Queen’s students, informing them about the cancellation of classes. An obvious indication that the email was fake was that it was sent after the last day of classes. So there were no classes to cancel on the following week.

 

Sent: April 5, 2014 4:09 PM
Subject: CLASS CANCELLATIONS - Please Read Immediately!

 

All classes on Monday and Tuesday have been canceled due to
recent developments in the revealing of the truth about life
and death.

 

All students are being granted extra time to review the
material at The Truth Contest, a website started by Queen's
University students:  www.truthcontest.com ~ Google "Truth
Contest" if you prefer to not click on links in emails.

 

On the website homepage, click the top entry, The Present.


What it says will turn this world right-side up if enough
people see it.  You will see what I mean when you read the
first page. Show this to all of your contacts; everyone needs
to read it.


This is much more important than class, so take these days off
to seek and learn the truth about life.  All of your
professors have been notified.


Sincerely,

 

David A. Dodge
Chancellor
Queen's University

 

Sample 2

 

This phishing sample was widely circulated at Queen's in the fall of 2010. It is notable for its poor spelling and grammar.

 

From: QUEEN'SU UNIVERSITY

Subject: QUEEN'SU UNIVERSITY

To: undisclosed recipients: ;

Reply-to: queenswebmailupgrade2010@gmail.com

 

Dear QUEEN'SU UNIVERSITY Webmail user,

We are currently verifying our subscribers email accounts in order to

increase the Efficiency of our webmail features. To partake in this

Recent Upgrade Taking Place at QUEEN'SU Webmail, You must Reply to this email by Confirming your account details below.

 

UserName:

Password:

Date Of Birth:

 

Failure to do this will immediately render your Web-email address

deactivated from our database.

Thanks for using QUEEN'SU webmail service.

QUEEN'SU Account upgrading.

 

QUEEN'SU UNIVERSITY, 2010

 

Sample 3

 

This email started circulating at Queen's in early 2011. Note the use of Queen's-specific language (such as NetID, IT Support Centre, ITS Help Form) as well as Queen's official mailing address.

 

From:       IT Support Centre [helpdesk001@w.cn]
Subject:    IT Support Centre Notice/News.

This notice is to inform you that an ERROR have been detected in your NetID email account, this ERROR was caused by congestion and SPAM emails. You have been contacted in order for you to confirm your account and avoid losing it. Kindly confirm your account by sending the requested information below.

ITS Help Form

* NetID:-
* Password:-
* Phone Number:-

This notice is from IT Support Centre.


Sign,

Andy Nishimura

Queen's University
99 University Avenue
Kingston, Ontario
Canada K7L 3N6
© Queen's University

 

Sample 4

 

Finally, this email is another example of "spear phishing" - an email targeted to a specific group. In this case, it emulates a real email that has been circulated by an ITServices staff member, except that the link to the password change tool has been altered to point to a non-Queen's URL, and the telephone number for the IT Support Centre has been altered by one digit.

 

This is a warning about a message sent to a number of people at Queen's with the subject "UPGRADE YOUR ACCOUNT".

Mail server logs indicate you may have received this message. It asks you to provide your password and other personal information via a web link. It is a hoax, attempting to steal your password. Do not reply to that message or follow any web links it contains; just delete it.

If you have already replied with your password or gotten such mail, change your password immediately, using the ITServices password change at

http://www.jotform.com/queensu/10142820284

Do not send your password to anyone in response to an email notice. Do not assume the absence of a warning from ITServices means a request is valid. Queen's University will never request your password by email.

If you are uncertain about the validity of a request for your password, please telephone the Queen's IT Support Centre at 613 523 6666.

rick pim
queen's its

Kingston, Ontario, Canada K7L 3N6 613.533.2000